Re: [PATCH][v3] virt: tdx-guest: Don't free decrypted memory

From: Kirill A. Shutemov
Date: Wed Jun 19 2024 - 06:38:08 EST


On Wed, Jun 19, 2024 at 04:47:50PM +0800, Li RongQing wrote:
> In CoCo VMs it is possible for the untrusted host to cause
> set_memory_decrypted() to fail such that an error is returned
> and the resulting memory is shared. Callers need to take care
> to handle these errors to avoid returning decrypted (shared)
> memory to the page allocator, which could lead to functional
> or security issues. So leak the decrypted memory when
> set_memory_decrypted fails, and don't need to print an error
> since set_memory_decrypted will call WARN_ONCE.

Add "()" for set_memory_decrypted() and WARN_ONCE().

And put the solution into a separate paragraph:

s/ So leak/\n\nLeak/

> Reviewed-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
> Signed-off-by: Li RongQing <lirongqing@xxxxxxxxx>

Otherwise, looks good:

Reviewed-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>

--
Kiryl Shutsemau / Kirill A. Shutemov